From 724fe47fa06cbd607739799372e98e3f65c6407e Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 4 Mar 2024 20:48:01 +0100
Subject: Retire resolved CVEs

---
 active/CVE-2021-47082  | 15 ---------------
 active/CVE-2021-47084  | 15 ---------------
 active/CVE-2021-47085  | 15 ---------------
 active/CVE-2021-47086  | 15 ---------------
 active/CVE-2021-47087  | 16 ----------------
 active/CVE-2021-47088  | 16 ----------------
 active/CVE-2021-47089  | 16 ----------------
 active/CVE-2021-47090  | 16 ----------------
 active/CVE-2021-47091  | 16 ----------------
 active/CVE-2021-47092  | 16 ----------------
 active/CVE-2021-47093  | 16 ----------------
 active/CVE-2021-47095  | 16 ----------------
 active/CVE-2021-47096  | 16 ----------------
 active/CVE-2021-47097  | 16 ----------------
 active/CVE-2021-47098  | 16 ----------------
 active/CVE-2021-47099  | 16 ----------------
 active/CVE-2021-47100  | 16 ----------------
 active/CVE-2021-47102  | 16 ----------------
 active/CVE-2021-47103  | 16 ----------------
 active/CVE-2021-47104  | 17 -----------------
 active/CVE-2021-47106  | 16 ----------------
 active/CVE-2021-47107  | 18 ------------------
 active/CVE-2021-47108  | 17 -----------------
 retired/CVE-2021-47082 | 15 +++++++++++++++
 retired/CVE-2021-47084 | 15 +++++++++++++++
 retired/CVE-2021-47085 | 15 +++++++++++++++
 retired/CVE-2021-47086 | 15 +++++++++++++++
 retired/CVE-2021-47087 | 16 ++++++++++++++++
 retired/CVE-2021-47088 | 16 ++++++++++++++++
 retired/CVE-2021-47089 | 16 ++++++++++++++++
 retired/CVE-2021-47090 | 16 ++++++++++++++++
 retired/CVE-2021-47091 | 16 ++++++++++++++++
 retired/CVE-2021-47092 | 16 ++++++++++++++++
 retired/CVE-2021-47093 | 16 ++++++++++++++++
 retired/CVE-2021-47095 | 16 ++++++++++++++++
 retired/CVE-2021-47096 | 16 ++++++++++++++++
 retired/CVE-2021-47097 | 16 ++++++++++++++++
 retired/CVE-2021-47098 | 16 ++++++++++++++++
 retired/CVE-2021-47099 | 16 ++++++++++++++++
 retired/CVE-2021-47100 | 16 ++++++++++++++++
 retired/CVE-2021-47102 | 16 ++++++++++++++++
 retired/CVE-2021-47103 | 16 ++++++++++++++++
 retired/CVE-2021-47104 | 17 +++++++++++++++++
 retired/CVE-2021-47106 | 16 ++++++++++++++++
 retired/CVE-2021-47107 | 18 ++++++++++++++++++
 retired/CVE-2021-47108 | 17 +++++++++++++++++
 46 files changed, 368 insertions(+), 368 deletions(-)
 delete mode 100644 active/CVE-2021-47082
 delete mode 100644 active/CVE-2021-47084
 delete mode 100644 active/CVE-2021-47085
 delete mode 100644 active/CVE-2021-47086
 delete mode 100644 active/CVE-2021-47087
 delete mode 100644 active/CVE-2021-47088
 delete mode 100644 active/CVE-2021-47089
 delete mode 100644 active/CVE-2021-47090
 delete mode 100644 active/CVE-2021-47091
 delete mode 100644 active/CVE-2021-47092
 delete mode 100644 active/CVE-2021-47093
 delete mode 100644 active/CVE-2021-47095
 delete mode 100644 active/CVE-2021-47096
 delete mode 100644 active/CVE-2021-47097
 delete mode 100644 active/CVE-2021-47098
 delete mode 100644 active/CVE-2021-47099
 delete mode 100644 active/CVE-2021-47100
 delete mode 100644 active/CVE-2021-47102
 delete mode 100644 active/CVE-2021-47103
 delete mode 100644 active/CVE-2021-47104
 delete mode 100644 active/CVE-2021-47106
 delete mode 100644 active/CVE-2021-47107
 delete mode 100644 active/CVE-2021-47108
 create mode 100644 retired/CVE-2021-47082
 create mode 100644 retired/CVE-2021-47084
 create mode 100644 retired/CVE-2021-47085
 create mode 100644 retired/CVE-2021-47086
 create mode 100644 retired/CVE-2021-47087
 create mode 100644 retired/CVE-2021-47088
 create mode 100644 retired/CVE-2021-47089
 create mode 100644 retired/CVE-2021-47090
 create mode 100644 retired/CVE-2021-47091
 create mode 100644 retired/CVE-2021-47092
 create mode 100644 retired/CVE-2021-47093
 create mode 100644 retired/CVE-2021-47095
 create mode 100644 retired/CVE-2021-47096
 create mode 100644 retired/CVE-2021-47097
 create mode 100644 retired/CVE-2021-47098
 create mode 100644 retired/CVE-2021-47099
 create mode 100644 retired/CVE-2021-47100
 create mode 100644 retired/CVE-2021-47102
 create mode 100644 retired/CVE-2021-47103
 create mode 100644 retired/CVE-2021-47104
 create mode 100644 retired/CVE-2021-47106
 create mode 100644 retired/CVE-2021-47107
 create mode 100644 retired/CVE-2021-47108

diff --git a/active/CVE-2021-47082 b/active/CVE-2021-47082
deleted file mode 100644
index e899aa55..00000000
--- a/active/CVE-2021-47082
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: tun: avoid double free in tun_free_netdev
-References:
-Notes:
- carnil> First introducing commit could not be determined.
-Bugs:
-upstream: released (5.16-rc7) [158b515f703e75e7d68289bf4d98c664e1d632df]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.136) [a01a4e9f5dc93335c716fa4023b1901956e8c904]
-4.19-upstream-stable: released (4.19.280) [8eb43d635950e27c29f1e9e49a23b31637f37757]
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.136-1)
-4.19-buster-security: released (4.19.282-1)
diff --git a/active/CVE-2021-47084 b/active/CVE-2021-47084
deleted file mode 100644
index ea7c2f58..00000000
--- a/active/CVE-2021-47084
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: hamradio: defer ax25 kfree after unregister_netdev
-References:
-Notes:
- carnil> First introducing commit could not be determined.
-Bugs:
-upstream: released (5.16-rc1) [3e0588c291d6ce225f2b891753ca41d45ba42469]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [450121075a6a6f1d50f97225d3396315309d61a1]
-4.19-upstream-stable: released (4.19.223) [896193a02a2981e60c40d4614fd095ce92135ccd]
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-47085 b/active/CVE-2021-47085
deleted file mode 100644
index c3ea36a3..00000000
--- a/active/CVE-2021-47085
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: hamradio: improve the incomplete fix to avoid NPD
-References:
-Notes:
- carnil> First introducing commit could not be determined.
-Bugs:
-upstream: released (5.16-rc7) [b2f37aead1b82a770c48b5d583f35ec22aabb61e]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [7dd52af1eb5798f590d9d9e1c56ed8f5744ee0ca]
-4.19-upstream-stable: released (4.19.223) [b68f41c6320b2b7fbb54a95f07a69f3dc7e56c59]
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-47086 b/active/CVE-2021-47086
deleted file mode 100644
index f06d9fb0..00000000
--- a/active/CVE-2021-47086
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: phonet/pep: refuse to enable an unbound pipe
-References:
-Notes:
- carnil> First introducing commit could not be determined.
-Bugs:
-upstream: released (5.16-rc7) [75a2f31520095600f650597c0ac41f48b5ba0068]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [52ad5da8e316fa11e3a50b3f089aa63e4089bf52]
-4.19-upstream-stable: released (4.19.223) [982b6ba1ce626ef87e5c29f26f2401897554f235]
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-47087 b/active/CVE-2021-47087
deleted file mode 100644
index e5d2150a..00000000
--- a/active/CVE-2021-47087
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: tee: optee: Fix incorrect page free bug
-References:
-Notes:
- carnil> Introduced in ec185dd3ab25 ("optee: Fix memory leak when failing to register
- carnil> shm pages"). Vulnerable versions: 5.4.140 5.10.58 5.13.10 5.14-rc5.
-Bugs:
-upstream: released (5.16-rc7) [18549bf4b21c739a9def39f27dcac53e27286ab5]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [ad338d825e3f7b96ee542bf313728af2d19fe9ad]
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47088 b/active/CVE-2021-47088
deleted file mode 100644
index defea2ea..00000000
--- a/active/CVE-2021-47088
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: mm/damon/dbgfs: protect targets destructions with kdamond_lock
-References:
-Notes:
- carnil> Introduced in 4bc05954d007 ("mm/damon: implement a debugfs-based user space
- carnil> interface"). Vulnerable versions: 5.15-rc1.
-Bugs:
-upstream: released (5.16-rc7) [34796417964b8d0aef45a99cf6c2d20cebe33733]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47089 b/active/CVE-2021-47089
deleted file mode 100644
index f9c0f686..00000000
--- a/active/CVE-2021-47089
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: kfence: fix memory leak when cat kfence objects
-References:
-Notes:
- carnil> Introduced in 0ce20dd84089 ("mm: add Kernel Electric-Fence infrastructure").
- carnil> Vulnerable versions: 5.12-rc1.
-Bugs:
-upstream: released (5.16-rc7) [0129ab1f268b6cf88825eae819b9b84aa0a85634]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47090 b/active/CVE-2021-47090
deleted file mode 100644
index b37f8556..00000000
--- a/active/CVE-2021-47090
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
-References:
-Notes:
- carnil> Introduced in b94e02822deb ("mm,hwpoison: try to narrow window race for free
- carnil> pages"). Vulnerable versions: 5.10-rc1.
-Bugs:
-upstream: released (5.16-rc7) [2a57d83c78f889bf3f54eede908d0643c40d5418]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [1f207076740101fed87074a6bc924dbe806f08a5]
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47091 b/active/CVE-2021-47091
deleted file mode 100644
index 87fc79e6..00000000
--- a/active/CVE-2021-47091
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: mac80211: fix locking in ieee80211_start_ap error path
-References:
-Notes:
- carnil> Introduced in 295b02c4be74 ("mac80211: Add FILS discovery support"). Vulnerable
- carnil> versions: 5.10-rc1.
-Bugs:
-upstream: released (5.16-rc7) [87a270625a89fc841f1a7e21aae6176543d8385c]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [ac61b9c6c0549aaeb98194cf429d93c41bfe5f79]
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47092 b/active/CVE-2021-47092
deleted file mode 100644
index 53257ac9..00000000
--- a/active/CVE-2021-47092
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: KVM: VMX: Always clear vmx->fail on emulation_required
-References:
-Notes:
- carnil> Introduced in c8607e4a086f ("KVM: x86: nVMX: don't fail nested VM entry on
- carnil> invalid guest state if !from_vmentry"). Vulnerable versions: 5.15-rc4.
-Bugs:
-upstream: released (5.16-rc7) [a80dfc025924024d2c61a4c1b8ef62b2fce76a04]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47093 b/active/CVE-2021-47093
deleted file mode 100644
index 9da02033..00000000
--- a/active/CVE-2021-47093
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: platform/x86: intel_pmc_core: fix memleak on registration failure
-References:
-Notes:
- carnil> Introduced in 938835aa903a ("platform/x86: intel_pmc_core: do not create a
- carnil> static struct device"). Vulnerable versions: 5.9.
-Bugs:
-upstream: released (5.16-rc7) [26a8b09437804fabfb1db080d676b96c0de68e7c]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [7a37f2e370699e2feca3dca6c8178c71ceee7e8a]
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47095 b/active/CVE-2021-47095
deleted file mode 100644
index 230bbce4..00000000
--- a/active/CVE-2021-47095
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: ipmi: ssif: initialize ssif_info->client early
-References:
-Notes:
- carnil> Introduced in c4436c9149c5 ("ipmi_ssif: avoid registering duplicate ssif
- carnil> interface"). Vulnerable versions: 5.4-rc1.
-Bugs:
-upstream: released (5.16-rc7) [34f35f8f14bc406efc06ee4ff73202c6fd245d15]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [1f6ab847461ce7dd89ae9db2dd4658c993355d7c]
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47096 b/active/CVE-2021-47096
deleted file mode 100644
index bb2dad10..00000000
--- a/active/CVE-2021-47096
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: ALSA: rawmidi - fix the uninitalized user_pversion
-References:
-Notes:
- carnil> Introduced in 09d23174402d ("ALSA: rawmidi: introduce
- carnil> SNDRV_RAWMIDI_IOCTL_USER_PVERSION"). Vulnerable versions: 5.14.10 5.15-rc4.
-Bugs:
-upstream: released (5.16-rc7) [39a8fc4971a00d22536aeb7d446ee4a97810611b]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47097 b/active/CVE-2021-47097
deleted file mode 100644
index a98b7fad..00000000
--- a/active/CVE-2021-47097
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: Input: elantech - fix stack out of bound access in elantech_change_report_id()
-References:
-Notes:
- carnil> Introduced in e4c9062717fe ("Input: elantech - fix protocol errors for some
- carnil> trackpoints in SMBus mode"). Vulnerable versions: 5.4.103 5.10.21 5.11-rc1.
-Bugs:
-upstream: released (5.16-rc7) [1d72d9f960ccf1052a0630a68c3d358791dbdaaa]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [676c572439e58b7ee6b7ca3f1e5595382921045c]
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47098 b/active/CVE-2021-47098
deleted file mode 100644
index 2a30b16f..00000000
--- a/active/CVE-2021-47098
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations
-References:
-Notes:
- carnil> Introduced in b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of
- carnil> temperature calculations"). Vulnerable versions: 5.14-rc1.
-Bugs:
-upstream: released (5.16-rc7) [55840b9eae5367b5d5b29619dc2fb7e4596dba46]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47099 b/active/CVE-2021-47099
deleted file mode 100644
index 766441a7..00000000
--- a/active/CVE-2021-47099
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: veth: ensure skb entering GRO are not cloned.
-References:
-Notes:
- carnil> Introduced in d3256efd8e8b ("veth: allow enabling NAPI even without XDP").
- carnil> Vulnerable versions: 5.13-rc1.
-Bugs:
-upstream: released (5.16-rc7) [9695b7de5b4760ed22132aca919570c0190cb0ce]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47100 b/active/CVE-2021-47100
deleted file mode 100644
index 8c185311..00000000
--- a/active/CVE-2021-47100
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
-References:
-Notes:
- carnil> Introduced in b2cfd8ab4add ("ipmi: Rework device id and guid handling to catch
- carnil> changing BMCs"). Vulnerable versions: 4.15-rc1.
-Bugs:
-upstream: released (5.16-rc7) [ffb76a86f8096a8206be03b14adda6092e18e275]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [6809da5185141e61401da5b01896b79a4deed1ad]
-4.19-upstream-stable: released (4.19.223) [925229d552724e1bba1abf01d3a0b1318539b012]
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-47102 b/active/CVE-2021-47102
deleted file mode 100644
index 0deb5cc4..00000000
--- a/active/CVE-2021-47102
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: net: marvell: prestera: fix incorrect structure access
-References:
-Notes:
- carnil> Introduced in 3d5048cc54bd ("net: marvell: prestera: move netdev topology
- carnil> validation to prestera_main"). Vulnerable versions: 5.14-rc1.
-Bugs:
-upstream: released (5.16-rc7) [2efc2256febf214e7b2bdaa21fe6c3c3146acdcb]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47103 b/active/CVE-2021-47103
deleted file mode 100644
index 81dc65fa..00000000
--- a/active/CVE-2021-47103
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: inet: fully convert sk->sk_rx_dst to RCU rules
-References:
-Notes:
- carnil> Introduced in 41063e9dd119 ("ipv4: Early TCP socket demux."). Vulnerable
- carnil> versions: 3.6-rc1.
-Bugs:
-upstream: released (5.16-rc7) [8f905c0e7354ef261360fb7535ea079b1082c105]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.150) [f039b43cbaea5e0700980c2f0052da05a70782e0]
-4.19-upstream-stable: released (4.19.262) [75a578000ae5e511e5d0e8433c94a14d9c99c412]
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.158-1)
-4.19-buster-security: released (4.19.269-1)
diff --git a/active/CVE-2021-47104 b/active/CVE-2021-47104
deleted file mode 100644
index c2c0236b..00000000
--- a/active/CVE-2021-47104
+++ /dev/null
@@ -1,17 +0,0 @@
-Description: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
-References:
-Notes:
- carnil> Introduced in d39bf40e55e6 ("IB/qib: Protect from buffer overflow in struct
- carnil> qib_user_sdma_pkt fields"). Vulnerable versions: 4.4.292 4.9.290 4.14.255
- carnil> 4.19.216 5.4.157 5.10.77 5.14.16 5.15.
-Bugs:
-upstream: released (5.16-rc7) [bee90911e0138c76ee67458ac0d58b38a3190f65]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: released (5.10.89) [7cf6466e00a77b0a914b7b2c28a1fc7947d55e59]
-4.19-upstream-stable: released (4.19.223) [0aaec9c5f60754b56f84460ea439b8c5e91f4caa]
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: released (5.10.92-1)
-4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-47106 b/active/CVE-2021-47106
deleted file mode 100644
index c49f691f..00000000
--- a/active/CVE-2021-47106
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy()
-References:
-Notes:
- carnil> Introduced in aaa31047a6d2 ("netfilter: nftables: add catch-all set element
- carnil> support"). Vulnerable versions: 5.13-rc1.
-Bugs:
-upstream: released (5.16-rc7) [0f7d9b31ce7abdbb29bf018131ac920c9f698518]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47107 b/active/CVE-2021-47107
deleted file mode 100644
index b66b83ed..00000000
--- a/active/CVE-2021-47107
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: NFSD: Fix READDIR buffer overflow
-References:
-Notes:
- carnil> Introduced in f5dcccd647da ("NFSD: Update the NFSv2 READDIR entry encoder to
- carnil> use struct xdr_stream")
- carnil> 7f87fc2d34d4 ("NFSD: Update NFSv3 READDIR entry encoders to use struct
- carnil> xdr_stream"). Vulnerable versions: 5.13-rc1.
-Bugs:
-upstream: released (5.16-rc7) [53b1119a6e5028b125f431a0116ba73510d82a72]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47108 b/active/CVE-2021-47108
deleted file mode 100644
index f1e0fe12..00000000
--- a/active/CVE-2021-47108
+++ /dev/null
@@ -1,17 +0,0 @@
-Description: drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf
-References:
-Notes:
- carnil> Introduced in 41ca9caaae0b ("drm/mediatek: hdmi: Add check for CEA modes only")
- carnil> c91026a938c2 ("drm/mediatek: hdmi: Add optional limit on maximal HDMI mode
- carnil> clock"). Vulnerable versions: 5.14-rc1.
-Bugs:
-upstream: released (5.16-rc7) [3b8e19a0aa3933a785be9f1541afd8d398c4ec69]
-6.7-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: N/A "Fixed before branching point"
-6.1-upstream-stable: N/A "Fixed before branching point"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.15.15-1)
-6.1-bookworm-security: N/A "Fixed before branching point"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47082 b/retired/CVE-2021-47082
new file mode 100644
index 00000000..e899aa55
--- /dev/null
+++ b/retired/CVE-2021-47082
@@ -0,0 +1,15 @@
+Description: tun: avoid double free in tun_free_netdev
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (5.16-rc7) [158b515f703e75e7d68289bf4d98c664e1d632df]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.136) [a01a4e9f5dc93335c716fa4023b1901956e8c904]
+4.19-upstream-stable: released (4.19.280) [8eb43d635950e27c29f1e9e49a23b31637f37757]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.136-1)
+4.19-buster-security: released (4.19.282-1)
diff --git a/retired/CVE-2021-47084 b/retired/CVE-2021-47084
new file mode 100644
index 00000000..ea7c2f58
--- /dev/null
+++ b/retired/CVE-2021-47084
@@ -0,0 +1,15 @@
+Description: hamradio: defer ax25 kfree after unregister_netdev
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (5.16-rc1) [3e0588c291d6ce225f2b891753ca41d45ba42469]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [450121075a6a6f1d50f97225d3396315309d61a1]
+4.19-upstream-stable: released (4.19.223) [896193a02a2981e60c40d4614fd095ce92135ccd]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/retired/CVE-2021-47085 b/retired/CVE-2021-47085
new file mode 100644
index 00000000..c3ea36a3
--- /dev/null
+++ b/retired/CVE-2021-47085
@@ -0,0 +1,15 @@
+Description: hamradio: improve the incomplete fix to avoid NPD
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (5.16-rc7) [b2f37aead1b82a770c48b5d583f35ec22aabb61e]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [7dd52af1eb5798f590d9d9e1c56ed8f5744ee0ca]
+4.19-upstream-stable: released (4.19.223) [b68f41c6320b2b7fbb54a95f07a69f3dc7e56c59]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/retired/CVE-2021-47086 b/retired/CVE-2021-47086
new file mode 100644
index 00000000..f06d9fb0
--- /dev/null
+++ b/retired/CVE-2021-47086
@@ -0,0 +1,15 @@
+Description: phonet/pep: refuse to enable an unbound pipe
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (5.16-rc7) [75a2f31520095600f650597c0ac41f48b5ba0068]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [52ad5da8e316fa11e3a50b3f089aa63e4089bf52]
+4.19-upstream-stable: released (4.19.223) [982b6ba1ce626ef87e5c29f26f2401897554f235]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/retired/CVE-2021-47087 b/retired/CVE-2021-47087
new file mode 100644
index 00000000..e5d2150a
--- /dev/null
+++ b/retired/CVE-2021-47087
@@ -0,0 +1,16 @@
+Description: tee: optee: Fix incorrect page free bug
+References:
+Notes:
+ carnil> Introduced in ec185dd3ab25 ("optee: Fix memory leak when failing to register
+ carnil> shm pages"). Vulnerable versions: 5.4.140 5.10.58 5.13.10 5.14-rc5.
+Bugs:
+upstream: released (5.16-rc7) [18549bf4b21c739a9def39f27dcac53e27286ab5]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [ad338d825e3f7b96ee542bf313728af2d19fe9ad]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47088 b/retired/CVE-2021-47088
new file mode 100644
index 00000000..defea2ea
--- /dev/null
+++ b/retired/CVE-2021-47088
@@ -0,0 +1,16 @@
+Description: mm/damon/dbgfs: protect targets destructions with kdamond_lock
+References:
+Notes:
+ carnil> Introduced in 4bc05954d007 ("mm/damon: implement a debugfs-based user space
+ carnil> interface"). Vulnerable versions: 5.15-rc1.
+Bugs:
+upstream: released (5.16-rc7) [34796417964b8d0aef45a99cf6c2d20cebe33733]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47089 b/retired/CVE-2021-47089
new file mode 100644
index 00000000..f9c0f686
--- /dev/null
+++ b/retired/CVE-2021-47089
@@ -0,0 +1,16 @@
+Description: kfence: fix memory leak when cat kfence objects
+References:
+Notes:
+ carnil> Introduced in 0ce20dd84089 ("mm: add Kernel Electric-Fence infrastructure").
+ carnil> Vulnerable versions: 5.12-rc1.
+Bugs:
+upstream: released (5.16-rc7) [0129ab1f268b6cf88825eae819b9b84aa0a85634]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47090 b/retired/CVE-2021-47090
new file mode 100644
index 00000000..b37f8556
--- /dev/null
+++ b/retired/CVE-2021-47090
@@ -0,0 +1,16 @@
+Description: mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
+References:
+Notes:
+ carnil> Introduced in b94e02822deb ("mm,hwpoison: try to narrow window race for free
+ carnil> pages"). Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.16-rc7) [2a57d83c78f889bf3f54eede908d0643c40d5418]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [1f207076740101fed87074a6bc924dbe806f08a5]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47091 b/retired/CVE-2021-47091
new file mode 100644
index 00000000..87fc79e6
--- /dev/null
+++ b/retired/CVE-2021-47091
@@ -0,0 +1,16 @@
+Description: mac80211: fix locking in ieee80211_start_ap error path
+References:
+Notes:
+ carnil> Introduced in 295b02c4be74 ("mac80211: Add FILS discovery support"). Vulnerable
+ carnil> versions: 5.10-rc1.
+Bugs:
+upstream: released (5.16-rc7) [87a270625a89fc841f1a7e21aae6176543d8385c]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [ac61b9c6c0549aaeb98194cf429d93c41bfe5f79]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47092 b/retired/CVE-2021-47092
new file mode 100644
index 00000000..53257ac9
--- /dev/null
+++ b/retired/CVE-2021-47092
@@ -0,0 +1,16 @@
+Description: KVM: VMX: Always clear vmx->fail on emulation_required
+References:
+Notes:
+ carnil> Introduced in c8607e4a086f ("KVM: x86: nVMX: don't fail nested VM entry on
+ carnil> invalid guest state if !from_vmentry"). Vulnerable versions: 5.15-rc4.
+Bugs:
+upstream: released (5.16-rc7) [a80dfc025924024d2c61a4c1b8ef62b2fce76a04]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47093 b/retired/CVE-2021-47093
new file mode 100644
index 00000000..9da02033
--- /dev/null
+++ b/retired/CVE-2021-47093
@@ -0,0 +1,16 @@
+Description: platform/x86: intel_pmc_core: fix memleak on registration failure
+References:
+Notes:
+ carnil> Introduced in 938835aa903a ("platform/x86: intel_pmc_core: do not create a
+ carnil> static struct device"). Vulnerable versions: 5.9.
+Bugs:
+upstream: released (5.16-rc7) [26a8b09437804fabfb1db080d676b96c0de68e7c]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [7a37f2e370699e2feca3dca6c8178c71ceee7e8a]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47095 b/retired/CVE-2021-47095
new file mode 100644
index 00000000..230bbce4
--- /dev/null
+++ b/retired/CVE-2021-47095
@@ -0,0 +1,16 @@
+Description: ipmi: ssif: initialize ssif_info->client early
+References:
+Notes:
+ carnil> Introduced in c4436c9149c5 ("ipmi_ssif: avoid registering duplicate ssif
+ carnil> interface"). Vulnerable versions: 5.4-rc1.
+Bugs:
+upstream: released (5.16-rc7) [34f35f8f14bc406efc06ee4ff73202c6fd245d15]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [1f6ab847461ce7dd89ae9db2dd4658c993355d7c]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47096 b/retired/CVE-2021-47096
new file mode 100644
index 00000000..bb2dad10
--- /dev/null
+++ b/retired/CVE-2021-47096
@@ -0,0 +1,16 @@
+Description: ALSA: rawmidi - fix the uninitalized user_pversion
+References:
+Notes:
+ carnil> Introduced in 09d23174402d ("ALSA: rawmidi: introduce
+ carnil> SNDRV_RAWMIDI_IOCTL_USER_PVERSION"). Vulnerable versions: 5.14.10 5.15-rc4.
+Bugs:
+upstream: released (5.16-rc7) [39a8fc4971a00d22536aeb7d446ee4a97810611b]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47097 b/retired/CVE-2021-47097
new file mode 100644
index 00000000..a98b7fad
--- /dev/null
+++ b/retired/CVE-2021-47097
@@ -0,0 +1,16 @@
+Description: Input: elantech - fix stack out of bound access in elantech_change_report_id()
+References:
+Notes:
+ carnil> Introduced in e4c9062717fe ("Input: elantech - fix protocol errors for some
+ carnil> trackpoints in SMBus mode"). Vulnerable versions: 5.4.103 5.10.21 5.11-rc1.
+Bugs:
+upstream: released (5.16-rc7) [1d72d9f960ccf1052a0630a68c3d358791dbdaaa]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [676c572439e58b7ee6b7ca3f1e5595382921045c]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47098 b/retired/CVE-2021-47098
new file mode 100644
index 00000000..2a30b16f
--- /dev/null
+++ b/retired/CVE-2021-47098
@@ -0,0 +1,16 @@
+Description: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations
+References:
+Notes:
+ carnil> Introduced in b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of
+ carnil> temperature calculations"). Vulnerable versions: 5.14-rc1.
+Bugs:
+upstream: released (5.16-rc7) [55840b9eae5367b5d5b29619dc2fb7e4596dba46]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47099 b/retired/CVE-2021-47099
new file mode 100644
index 00000000..766441a7
--- /dev/null
+++ b/retired/CVE-2021-47099
@@ -0,0 +1,16 @@
+Description: veth: ensure skb entering GRO are not cloned.
+References:
+Notes:
+ carnil> Introduced in d3256efd8e8b ("veth: allow enabling NAPI even without XDP").
+ carnil> Vulnerable versions: 5.13-rc1.
+Bugs:
+upstream: released (5.16-rc7) [9695b7de5b4760ed22132aca919570c0190cb0ce]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47100 b/retired/CVE-2021-47100
new file mode 100644
index 00000000..8c185311
--- /dev/null
+++ b/retired/CVE-2021-47100
@@ -0,0 +1,16 @@
+Description: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
+References:
+Notes:
+ carnil> Introduced in b2cfd8ab4add ("ipmi: Rework device id and guid handling to catch
+ carnil> changing BMCs"). Vulnerable versions: 4.15-rc1.
+Bugs:
+upstream: released (5.16-rc7) [ffb76a86f8096a8206be03b14adda6092e18e275]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [6809da5185141e61401da5b01896b79a4deed1ad]
+4.19-upstream-stable: released (4.19.223) [925229d552724e1bba1abf01d3a0b1318539b012]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/retired/CVE-2021-47102 b/retired/CVE-2021-47102
new file mode 100644
index 00000000..0deb5cc4
--- /dev/null
+++ b/retired/CVE-2021-47102
@@ -0,0 +1,16 @@
+Description: net: marvell: prestera: fix incorrect structure access
+References:
+Notes:
+ carnil> Introduced in 3d5048cc54bd ("net: marvell: prestera: move netdev topology
+ carnil> validation to prestera_main"). Vulnerable versions: 5.14-rc1.
+Bugs:
+upstream: released (5.16-rc7) [2efc2256febf214e7b2bdaa21fe6c3c3146acdcb]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47103 b/retired/CVE-2021-47103
new file mode 100644
index 00000000..81dc65fa
--- /dev/null
+++ b/retired/CVE-2021-47103
@@ -0,0 +1,16 @@
+Description: inet: fully convert sk->sk_rx_dst to RCU rules
+References:
+Notes:
+ carnil> Introduced in 41063e9dd119 ("ipv4: Early TCP socket demux."). Vulnerable
+ carnil> versions: 3.6-rc1.
+Bugs:
+upstream: released (5.16-rc7) [8f905c0e7354ef261360fb7535ea079b1082c105]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.150) [f039b43cbaea5e0700980c2f0052da05a70782e0]
+4.19-upstream-stable: released (4.19.262) [75a578000ae5e511e5d0e8433c94a14d9c99c412]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.158-1)
+4.19-buster-security: released (4.19.269-1)
diff --git a/retired/CVE-2021-47104 b/retired/CVE-2021-47104
new file mode 100644
index 00000000..c2c0236b
--- /dev/null
+++ b/retired/CVE-2021-47104
@@ -0,0 +1,17 @@
+Description: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
+References:
+Notes:
+ carnil> Introduced in d39bf40e55e6 ("IB/qib: Protect from buffer overflow in struct
+ carnil> qib_user_sdma_pkt fields"). Vulnerable versions: 4.4.292 4.9.290 4.14.255
+ carnil> 4.19.216 5.4.157 5.10.77 5.14.16 5.15.
+Bugs:
+upstream: released (5.16-rc7) [bee90911e0138c76ee67458ac0d58b38a3190f65]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.89) [7cf6466e00a77b0a914b7b2c28a1fc7947d55e59]
+4.19-upstream-stable: released (4.19.223) [0aaec9c5f60754b56f84460ea439b8c5e91f4caa]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/retired/CVE-2021-47106 b/retired/CVE-2021-47106
new file mode 100644
index 00000000..c49f691f
--- /dev/null
+++ b/retired/CVE-2021-47106
@@ -0,0 +1,16 @@
+Description: netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy()
+References:
+Notes:
+ carnil> Introduced in aaa31047a6d2 ("netfilter: nftables: add catch-all set element
+ carnil> support"). Vulnerable versions: 5.13-rc1.
+Bugs:
+upstream: released (5.16-rc7) [0f7d9b31ce7abdbb29bf018131ac920c9f698518]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47107 b/retired/CVE-2021-47107
new file mode 100644
index 00000000..b66b83ed
--- /dev/null
+++ b/retired/CVE-2021-47107
@@ -0,0 +1,18 @@
+Description: NFSD: Fix READDIR buffer overflow
+References:
+Notes:
+ carnil> Introduced in f5dcccd647da ("NFSD: Update the NFSv2 READDIR entry encoder to
+ carnil> use struct xdr_stream")
+ carnil> 7f87fc2d34d4 ("NFSD: Update NFSv3 READDIR entry encoders to use struct
+ carnil> xdr_stream"). Vulnerable versions: 5.13-rc1.
+Bugs:
+upstream: released (5.16-rc7) [53b1119a6e5028b125f431a0116ba73510d82a72]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47108 b/retired/CVE-2021-47108
new file mode 100644
index 00000000..f1e0fe12
--- /dev/null
+++ b/retired/CVE-2021-47108
@@ -0,0 +1,17 @@
+Description: drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf
+References:
+Notes:
+ carnil> Introduced in 41ca9caaae0b ("drm/mediatek: hdmi: Add check for CEA modes only")
+ carnil> c91026a938c2 ("drm/mediatek: hdmi: Add optional limit on maximal HDMI mode
+ carnil> clock"). Vulnerable versions: 5.14-rc1.
+Bugs:
+upstream: released (5.16-rc7) [3b8e19a0aa3933a785be9f1541afd8d398c4ec69]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3